Windows Event Forwarding for Network Defense – Palantir – Medium
http://ift.tt/2jkKIcj
Submitted September 12, 2017 at 04:14AM by jeffmcjunkin
via reddit http://ift.tt/2w2nY6P
http://ift.tt/2jkKIcj
Submitted September 12, 2017 at 04:14AM by jeffmcjunkin
via reddit http://ift.tt/2w2nY6P
Medium
Windows Event Forwarding for Network Defense
Incident detection and response across thousands of hosts requires a deep understanding of actions and behavior across users, applications…
The IoT Attack Vector “BlueBorne” Exposes Almost Every Connected Device
http://ift.tt/2jjIolw
Submitted September 12, 2017 at 08:04PM by RandomFlotsam
via reddit http://ift.tt/2w51VMz
http://ift.tt/2jjIolw
Submitted September 12, 2017 at 08:04PM by RandomFlotsam
via reddit http://ift.tt/2w51VMz
armis
Blueborne • armis
The IoT Attack Vector “BlueBorne” Exposes Almost Every Connected Device General Overview Affected Devices Technical Overview General Overview Armis Labs revealed a new attack vector endangering major mobile, desktop, and IoT operating systems, including Android…
The CERT Guide to Coordinated Vulnerability Disclosure
http://ift.tt/2wcbKr3
Submitted September 12, 2017 at 07:15PM by ascaroth
via reddit http://ift.tt/2h2cTIC
http://ift.tt/2wcbKr3
Submitted September 12, 2017 at 07:15PM by ascaroth
via reddit http://ift.tt/2h2cTIC
insights.sei.cmu.edu
The CERT Guide to Coordinated Vulnerability Disclosure
We are happy to announce the release of the CERT® Guide to Coordinated Vulnerability Disclosure (CVD). The guide provides an introduction to the key concepts, principles, and roles necessary to establish a successful CVD process. It also provides insights…
Reverse Engineering the OBi200 Google Voice Appliance: Part 2
http://ift.tt/2h1Vi3e
Submitted September 12, 2017 at 07:13PM by rwestergren
via reddit http://ift.tt/2xuSdU5
http://ift.tt/2h1Vi3e
Submitted September 12, 2017 at 07:13PM by rwestergren
via reddit http://ift.tt/2xuSdU5
Randy Westergren
Reverse Engineering the OBi200 Google Voice Appliance: Part 2 - Randy Westergren
In part 1 of this post, I wrote about analyzing the firmware of the OBi200 and getting a root shell leveraging an existing RCE vuln. In this post, I’ll cover the process of identifying the serial port pins and connecting them to get console access to the…
BlueBorne technical paper [PDF]
http://ift.tt/2xihmRb
Submitted September 12, 2017 at 08:57PM by imr2017
via reddit http://ift.tt/2xXA9y9
http://ift.tt/2xihmRb
Submitted September 12, 2017 at 08:57PM by imr2017
via reddit http://ift.tt/2xXA9y9
Don't Delay: Replace Symantec TLS/SSL Certs Now | HIPAA
http://ift.tt/2wUPnHs
Submitted September 12, 2017 at 10:03PM by weev1
via reddit http://ift.tt/2fghzKw
http://ift.tt/2wUPnHs
Submitted September 12, 2017 at 10:03PM by weev1
via reddit http://ift.tt/2fghzKw
Healthcareinfosecurity
Don't Delay: Replace Symantec TLS/SSL Certs Now
A major operation to cleanse websites of digital certificates created under questionable circumstances is underway. Google has issued the orders: Purge digital
WannaCry, Petya and All That Is Wrong With the Cyber Security Ecosystem
http://ift.tt/2wmLXsG
Submitted September 12, 2017 at 10:13PM by weev1
via reddit http://ift.tt/2wYOpsV
http://ift.tt/2wmLXsG
Submitted September 12, 2017 at 10:13PM by weev1
via reddit http://ift.tt/2wYOpsV
Cyberint
WannaCry, Petya and All That Is Wrong With the Cyber Security Ecosystem
WannaCry and Petya, both of these attacks could have been avoided. Find out what is wrong with the cyber security ecosystem.
Today Apple forgot to talk about iOS security from the last couple years
http://ift.tt/2y3BBjm
Submitted September 13, 2017 at 01:05AM by eeeeeekssss
via reddit http://ift.tt/2w5bn2F
http://ift.tt/2y3BBjm
Submitted September 13, 2017 at 01:05AM by eeeeeekssss
via reddit http://ift.tt/2w5bn2F
TechRepublic
iOS security alert: Your device is transmitting Exchange credentials without any encryption
Every iOS device that connects to an Exchange server is vulnerable--your credentials may have already been harvested.
Are GNU/Linux systems no longer secure?
I have been reading Top secret files in Wikileaks about agencies and corporations intended to break into security systems, crack encryption systems, and hack into computers. So far I've found information where companies offer services and software to governments, where they claimed this tools can bypass GNU/Linux systems like Debian.They promote methods to bypass Log in passwords in Debian, without the need of changing the target's password. Personally I have a strong passphrase for Debian and LVM encryption, however, I wonder if they can crack a Debian log in screen even if the target has a strong passphrase.Moreover it also concerns me if our beautiful free open software is now compromised for big agencies or is being weakened for corporations like The Hacking Team, FinFisher, GammaGroup. How safe to use does GNU/Linux still?
Submitted September 13, 2017 at 01:22AM by fifth_wheel_5
via reddit http://ift.tt/2wYEnWX
I have been reading Top secret files in Wikileaks about agencies and corporations intended to break into security systems, crack encryption systems, and hack into computers. So far I've found information where companies offer services and software to governments, where they claimed this tools can bypass GNU/Linux systems like Debian.They promote methods to bypass Log in passwords in Debian, without the need of changing the target's password. Personally I have a strong passphrase for Debian and LVM encryption, however, I wonder if they can crack a Debian log in screen even if the target has a strong passphrase.Moreover it also concerns me if our beautiful free open software is now compromised for big agencies or is being weakened for corporations like The Hacking Team, FinFisher, GammaGroup. How safe to use does GNU/Linux still?
Submitted September 13, 2017 at 01:22AM by fifth_wheel_5
via reddit http://ift.tt/2wYEnWX
reddit
Are GNU/Linux systems no longer secure? • r/security
I have been reading Top secret files in Wikileaks about agencies and corporations intended to break into security systems, crack encryption...
TIPS For Noob Linux Server User
SO i just get it now, i want some tips for dont get fucked or hacked the server. Also for dont get it inside a botnet or for spread malware.Any good tips?
Submitted September 13, 2017 at 01:58AM by -PrivacyRight-
via reddit http://ift.tt/2xw0vLr
SO i just get it now, i want some tips for dont get fucked or hacked the server. Also for dont get it inside a botnet or for spread malware.Any good tips?
Submitted September 13, 2017 at 01:58AM by -PrivacyRight-
via reddit http://ift.tt/2xw0vLr
reddit
TIPS For Noob Linux Server User • r/security
SO i just get it now, i want some tips for dont get fucked or hacked the server. Also for dont get it inside a botnet or for spread malware. Any...
Asterisk RTPbleed vulnerability
http://ift.tt/2wvYrBq
Submitted September 13, 2017 at 02:05AM by agDane
via reddit http://ift.tt/2jmVNJx
http://ift.tt/2wvYrBq
Submitted September 13, 2017 at 02:05AM by agDane
via reddit http://ift.tt/2jmVNJx
GitHub
EnableSecurity/advisories
Security advisories published by Enable Security
Equifax Breach: How To Use 143 Million Stolen Identities
http://ift.tt/2wZgSP5
Submitted September 13, 2017 at 01:57AM by heyitsmikeyv
via reddit http://ift.tt/2f43wec
http://ift.tt/2wZgSP5
Submitted September 13, 2017 at 01:57AM by heyitsmikeyv
via reddit http://ift.tt/2f43wec
Michael Veenstra
Equifax Breach: How To Use 143 Million Stolen Identities
You've heard about the Equifax breach. You probably assume your data is involved. Let's talk about what the attackers are going to do with it.
How to encrypt my hard drive?
http://ift.tt/2xvIBZc
Submitted September 13, 2017 at 02:33AM by the_dark_magic
via reddit http://ift.tt/2fgP27O
http://ift.tt/2xvIBZc
Submitted September 13, 2017 at 02:33AM by the_dark_magic
via reddit http://ift.tt/2fgP27O
Stackexchange
Hard drive encryption
I would like to encrypt the partitions on my hard drive. They're partioned and mounted as follows:
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 494,4G 0 disk
├─sda1 8:1 0 ...
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 494,4G 0 disk
├─sda1 8:1 0 ...
Since Apple Face ID processes the data locally, are there other ways law enforcement/hackers can obtain facial data from an iPhone?
Apple made a point today to say that the processing for Face ID is done on the phone itself and never sent to an Apple server. This got me thinking on other ways our facial information data can get into the wrong hands.Is it possible to obtain this data through other apps? If I give an app like Facebook/Snapchat access to my camera, my face is stored on their servers so wouldn't it be easy to obtain my facial information and hack into my phone?
Submitted September 13, 2017 at 03:16AM by Sucker_for_horns
via reddit http://ift.tt/2jl27Bo
Apple made a point today to say that the processing for Face ID is done on the phone itself and never sent to an Apple server. This got me thinking on other ways our facial information data can get into the wrong hands.Is it possible to obtain this data through other apps? If I give an app like Facebook/Snapchat access to my camera, my face is stored on their servers so wouldn't it be easy to obtain my facial information and hack into my phone?
Submitted September 13, 2017 at 03:16AM by Sucker_for_horns
via reddit http://ift.tt/2jl27Bo
reddit
Since Apple Face ID processes the data locally, are... • r/security
Apple made a point today to say that the processing for Face ID is done on the phone itself and never sent to an Apple server. This got me...
Patch Tuesday review: zero-day vulnerability in .NET Framework and 82 other bugs
http://ift.tt/2f46gbI
Submitted September 13, 2017 at 02:58AM by CybersecurityHelp
via reddit http://ift.tt/2jokHc6
http://ift.tt/2f46gbI
Submitted September 13, 2017 at 02:58AM by CybersecurityHelp
via reddit http://ift.tt/2jokHc6
www.cybersecurity-help.cz
Patch Tuesday review: zero-day vulnerability in .NET Framework and 82 other bugs
Microsoft patched 83 vulnerabilities in total.
Microsoft Patches .NET Zero Day Vulnerability in September Update
http://ift.tt/2xiYGjZ
Submitted September 13, 2017 at 04:40AM by majorllama
via reddit http://ift.tt/2xjfXtC
http://ift.tt/2xiYGjZ
Submitted September 13, 2017 at 04:40AM by majorllama
via reddit http://ift.tt/2xjfXtC
Threatpost | The first stop for security news
Microsoft Patches .NET Zero Day Vulnerability in September Update
Microsoft fixes 25 critical vulnerabilities including one zero day under attack and one tied to the high-profile BlueBorne attack vector.
FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY
http://ift.tt/2xXJIgi
Submitted September 13, 2017 at 01:40AM by majorllama
via reddit http://ift.tt/2wYfISr
http://ift.tt/2xXJIgi
Submitted September 13, 2017 at 01:40AM by majorllama
via reddit http://ift.tt/2wYfISr
FireEye
FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY « Threat Research Blog
FireEye recently detected a malicious Microsoft Office RTF document that leveraged CVE-2017-8759, a SOAP WSDL parser code injection vulnerability.
2017 Collegiate Penetration Testing Competition Registration Open!
http://ift.tt/2wXvoFp
Submitted September 13, 2017 at 04:49AM by gen0cide_
via reddit http://ift.tt/2f3fDsc
http://ift.tt/2wXvoFp
Submitted September 13, 2017 at 04:49AM by gen0cide_
via reddit http://ift.tt/2f3fDsc
nationalcptc.org
Collegiate Penetration Testing Competition - Register
A denoscription of the Collegiate Penetration Testing Competition that includes information for teams, volunteers, and other information about the competition both current and prior.
Best Phone for Security?
Now that Apple has revealed their new iPhone starting at a ridiculous price, I began to think of alternatives. I would like to know what you all think is the best phone in terms of security. Maybe a good lower costing phone up to a higher costing phone with the pros and cons.
Submitted September 13, 2017 at 05:53AM by Deaf_Priest
via reddit http://ift.tt/2xw3m7b
Now that Apple has revealed their new iPhone starting at a ridiculous price, I began to think of alternatives. I would like to know what you all think is the best phone in terms of security. Maybe a good lower costing phone up to a higher costing phone with the pros and cons.
Submitted September 13, 2017 at 05:53AM by Deaf_Priest
via reddit http://ift.tt/2xw3m7b
reddit
Best Phone for Security? • r/security
Now that Apple has revealed their new iPhone starting at a ridiculous price, I began to think of alternatives. I would like to know what you all...
BlueBorn - Wide Spread Bluetooth Vulnerabilities
http://ift.tt/2jjIolw
Submitted September 13, 2017 at 05:59AM by dij-8al
via reddit http://ift.tt/2wZSbCo
http://ift.tt/2jjIolw
Submitted September 13, 2017 at 05:59AM by dij-8al
via reddit http://ift.tt/2wZSbCo
armis
Blueborne • armis
The IoT Attack Vector “BlueBorne” Exposes Almost Every Connected Device General Overview Affected Devices Technical Overview General Overview Armis Labs revealed a new attack vector endangering major mobile, desktop, and IoT operating systems, including Android…